[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration"
From: |
Gary E. Miller |
Subject: |
Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration" |
Date: |
Tue, 19 Jan 2021 14:14:51 -0800 |
Yo Joshua!
You are correct: I have nothing more on sudo.
On Tue, 19 Jan 2021 17:10:31 -0500
Joshua Judson Rosen <rozzin@hackerposse.com> wrote:
> On 1/19/21 1:08 PM, Gary E. Miller wrote:
> > Yo Joshua!
> >
> > On Tue, 19 Jan 2021 12:17:11 -0500
> > Joshua Judson Rosen <rozzin@hackerposse.com> wrote:
> >
> >> On 1/18/21 1:23 PM, Gary E. Miller wrote:
> >>> If you wish to ignore my sage advice, feel free to run insecure
> >>> systems.
> >>>
> >>> But this list is for discussion of gpsd. Not sudo.
> >>
> >> Then why are you so insistent on discussing the general security
> >> issues of sudo and whether people should use it at all, instead of
> >> just describing what the actual issue is with _specifically as
> >> applied to gpsd_?
> >
> > Because I hate wasting my time on dead ends.
> [...]
> > The text clearly says that sudo breaks ubxtool examples. What more
> > do you need to know to not use sudo with ubxtool examples?
>
> Good question--I thought that's what Bernd was saying in his initial
> response on Friday, though he didn't phrase it as a question.
> I would answer "nothing more". If that's all you want to say, why not
> have your doc _just say that_?
>
> You are the only one insisting that the users need to also be briefed
> in general security issues related to sudo and AFAICT unrelated to
> gpsd or ubxtool.
>
> If you want to just drop that discussion and reduce the text to
> something like:
>
> Do not run ubxtool with sudo!
>
> For some reason some users persist in using sudo with
> ubxtool. This is wrong:
>
> While ubxtool will run fine if root runs it, ubxtool
> never needs root access!
>
> Using sudo with some of these examples will break
> them--do not use sudo to run ubxtool.
>
> ... then everyone will likely stop giving you the feedback you
> requested on the phrasing of those now-eliminated sudo/security
> advisories.
>
> > I thought this was vey clear:
> >
> > https://gpsd.io/ubxtool-examples.html
> >
> > ubxtool never needs root access, but will run fine as root.
>
> I thought that statement was reasonably clear and complete as well
> (though it could be slightly cleaned by rephrasing as I described
> above). Especially if you just *stopped there* instead of rambling on
> about what are AFAICT unrelated general sysadmin/security issues
> (especially since you then explicitly stated "Please let us keep the
> discussion to the specifics at hand: running ubxtool under sudo.
> general sysadmin issues should be discussed elsehere [sic?].")
>
> > Howcum everyone wants to discuss this ad nauseum,
>
> I'm sorry, but you've lost me. I'd like to offer constructive
> criticism of your `implementation' (the text expressing your idea,
> whatever it is) without having to join the fight over the idea
> itself--since I thought you had asked for such feedback. But I can't
> figure out what the point of this conversation is anymore.
>
> AFAICT you're the one who keeps steering the conversation
> back to "sudo security issues" etc. at all. Bernd and I have both
> suggested just dropping that line of conversation entirely at this
> point.
>
> Nobody else does want to talk about it, AFAICT.
>
> The constant vacillation (to the point where I agreed with you
> and you immediately shot back "I disagree") makes it look like you
> are fighting with yourself.
>
> I don't even understand what you're trying to accomplish at this
> point, or what you're even seeking feedback on. I am thoroughly
> confused.
>
> Some of the responses I'm getting from you just make no sense to me--
> it's almost like you've lost track of whether you're responding
> to me or to Bernd.
>
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem@rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can't measure it, you can't improve it." - Lord Kelvin
pgpMiShmSZCpq.pgp
Description: OpenPGP digital signature
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", (continued)
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/16
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Bernd Zeimetz, 2021/01/17
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/17
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Bernd Zeimetz, 2021/01/18
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/18
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Joshua Judson Rosen, 2021/01/19
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/19
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Kai Harrekilde-Petersen, 2021/01/19
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/19
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Joshua Judson Rosen, 2021/01/19
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration",
Gary E. Miller <=
Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/15
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Michael J. Tubby B.Sc. MIET, 2021/01/15
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/15
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", James Browning, 2021/01/15
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/15
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Bernd Zeimetz, 2021/01/16
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/16
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Bernd Zeimetz, 2021/01/18
- Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/18
Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration", Gary E. Miller, 2021/01/15